fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-25 21:32:51 +09:00
Code Issues Projects Releases Packages Wiki Activity

Update all other places to use new MediaFilter class

Browse source
This commit is contained in:
Kijin Sung 2016-03-13 09:59:26 +09:00
parent 7ecd9230c2
commit 2effbea06f
6 changed files with 29 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

29
modules/admin/admin.admin.controller.php
View file

@ -556,26 +556,31 @@ class adminAdminController extends admin
$vars = Context::getRequestVars();
// iframe filter
$embed_iframe = $vars->embedfilter_iframe;
$embed_iframe = array_filter(array_map('trim', preg_split('/[\r\n]/', $embed_iframe)), function($item) {
$iframe_whitelist = $vars->mediafilter_iframe;
$iframe_whitelist = array_filter(array_map('trim', preg_split('/[\r\n]/', $iframe_whitelist)), function($item) {
return $item !== '';
});
$embed_iframe = array_unique(array_map(function($item) {
$iframe_whitelist = array_unique(array_map(function($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $embed_iframe));
natcasesort($embed_iframe);
Rhymix\Framework\Config::set('embedfilter.iframe', array_values($embed_iframe));
}, $iframe_whitelist));
natcasesort($iframe_whitelist);
Rhymix\Framework\Config::set('mediafilter.iframe', array_values($iframe_whitelist));
// object filter
$embed_object = $vars->embedfilter_object;
$embed_object = array_filter(array_map('trim', preg_split('/[\r\n]/', $embed_object)), function($item) {
$object_whitelist = $vars->mediafilter_object;
$object_whitelist = array_filter(array_map('trim', preg_split('/[\r\n]/', $object_whitelist)), function($item) {
return $item !== '';
});
$embed_object = array_unique(array_map(function($item) {
$object_whitelist = array_unique(array_map(function($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $embed_object));
natcasesort($embed_object);
Rhymix\Framework\Config::set('embedfilter.object', array_values($embed_object));
}, $object_whitelist));
natcasesort($object_whitelist);
Rhymix\Framework\Config::set('mediafilter.object', array_values($object_whitelist));
// Remove old embed filter
$config = Rhymix\Framework\Config::getAll();
unset($config['embedfilter']);
Rhymix\Framework\Config::setAll($config);
// Admin IP access control
$allowed_ip = array_map('trim', preg_split('/[\r\n]/', $vars->admin_allowed_ip));

5
modules/admin/admin.admin.view.php
View file

@ -418,9 +418,8 @@ class adminAdminView extends admin
function dispAdminConfigSecurity()
{
// Load embed filter.
$oEmbedFilter = EmbedFilter::getInstance();
context::set('embedfilter_iframe', implode(PHP_EOL, $oEmbedFilter->whiteIframeUrlList));
context::set('embedfilter_object', implode(PHP_EOL, $oEmbedFilter->whiteUrlList));
context::set('mediafilter_iframe', implode(PHP_EOL, Rhymix\Framework\Security\MediaFilter::getIframeWhitelist()));
context::set('mediafilter_object', implode(PHP_EOL, Rhymix\Framework\Security\MediaFilter::getObjectWhitelist()));
// Admin IP access control
$allowed_ip = Rhymix\Framework\Config::get('admin.allow');

8
modules/admin/tpl/config_security.html
View file

@ -8,15 +8,15 @@
<input type="hidden" name="act" value="procAdminUpdateSecurity" />
<input type="hidden" name="xe_validator_id" value="modules/admin/tpl/config_security/1" />
<div class="x_control-group">
<label class="x_control-label" for="embedfilter_iframe">iframe</label>
<label class="x_control-label" for="mediafilter_iframe">iframe</label>
<div class="x_controls" style="margin-right:14px">
<textarea name="embedfilter_iframe" id="embedfilter_iframe" rows="8" style="width:100%;">{$embedfilter_iframe}</textarea>
<textarea name="mediafilter_iframe" id="mediafilter_iframe" rows="8" style="width:100%;">{$mediafilter_iframe}</textarea>
</div>
</div>
<div class="x_control-group">
<label class="x_control-label" for="embedfilter_object">object/embed</label>
<label class="x_control-label" for="mediafilter_object">object/embed</label>
<div class="x_controls" style="margin-right:14px">
<textarea name="embedfilter_object" id="embedfilter_object" rows="8" style="width:100%;">{$embedfilter_object}</textarea>
<textarea name="mediafilter_object" id="mediafilter_object" rows="8" style="width:100%;">{$mediafilter_object}</textarea>
</div>
</div>
<div class="x_control-group">